Torrent download = endless Portscans? Help me please!

Dear EE,

1.)  I have an Astaro ASG220 firewall defending my corporate network.  However, my question is not specific to Astaro's.

2.)  I run the premium (pay version) of AVG 8.5 on my laptop.  I had to disable the software firewall because it conflicted with Appriver hosted exchange.  So I'm using AVG 8.5 without any software firewall.  

3.)  THE PROBLEM:  Everytime anybody on my LAN starts a torrent download - I receive an endless stream of 'portscans' warnings from the Astaro that lists the host's IP address the portscans are coming from.  I just started a 7-hour torrent for Fedora-10-x86_64-CDs (something I would expect to be clean) that I simply must download for tomorrow - no excuses.  You guessed it - the instant I started the download - the Astaro starts sending me portscan warnings.  Super frustrating!  How is it possible that every torrent is "infected" with a portscan viruses?

4.)  MAIN QUESTION:  What precautions can I make to neutralize portscans prior, during, after a torrent download?  How do you neutralize active portscans - without killing a critical download?

5.)  FYI:  It has been roughly (100) minutes since I began the download - I have transmitted over (300) portscans from my laptop that my Astaro has warned on.

6.)  PEOPLE WITHOUT HARDWARE FIREWALLS THAT LIKE TORRENT:  Take it from me - lately - ALL torrents are infected with portscans.  Yes ALL of them.  I don't pretend to know why or how.  My point is only that you should pay attention to the steps to neutralize portscans even though you don't have a firewall confirming that you're sending portscans.  Be careful.

Who is Participating?
Bradley HaynesConnect With a Mentor Commented:
What OS are you running?
Also, set the torrent client to one port and create a tunnel thru the router to that port.
Create a rule in the firewall for that port to allow traffic. If you can limit the time window to the hours that you know ppl will be using their torrent client.
Bradley HaynesCommented:
Some torrent sites have various ports they use to transfer files. To determine what port you have listening a scan may be done.
In your Firewall you can make a specific exception for the application/torrent client.
Also set up a DMZ so you can "Clean" all the torrents downloaded before they are injected into your production network.
buymycorpAuthor Commented:
The torrent was finished when I arrived back at work this morning.  The finished Fedora_10 cd's were in my torrents\completed folder.  I erased & removed the torrent from the Utorrent client before closing the Utorrent client.  I then burned my (6) CD's and then DELETED EVERYTHING to do with the torrent and downloaded files.

 I'm still receiving portscan warnings from the Astaro every 2 or 3 mintues!!!!  Luckily I have Appriver and they have no mailbox limit!  My mailbox had 1,600 warning emails this morning .  

Again, I don't want to know how to dumb-down my Astaro.  I want to know how to neutralize this portscan.  I'm going to reboot and see if that helps.    
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.